Traffic analysis and attack detection

Attack detection

To detect the attack, we use the netflow sent by the routers and analysed by our detection solutions. Each router sends a summary of 1/2000 of traffic in real time. Our solution analyses this summary and compares it to the attack signatures. If the comparison is positive, the mitigation is set up in a matter of seconds.

The signatures analysed are based on the traffic thresholds in "packets per second" (Pps, Kpps, Mpps, Gpps) or "bytes per second" (Bps, Kbps, Mbps, Gbps) on a certain packet type such as:

DNS

ICMP

IP Fragment

IP NULL

IP Private

TCP NULL

TCP RST

TCP SYN

TCP ACK

UDP

...

Depending on the attack type and size, the mitigation setup can take between 5 and 120 seconds.

In accordance with the 2006/112/CE Directive, modified on 01/01/2015, prices incl. VAT may vary according to the customer's country of residence (by default, the prices displayed are inclusive of the UK VAT in force).